Educational Demo Only — This POC illustrates how software can model MiCA (EU Reg. 2023/1114) requirements. It is not legal advice and does not constitute MiCA compliance certification.

CASP Record Keeping & Audit Trail Manager

Demonstrates MiCA Art. 68(9) — Maintaining records for minimum 5-year retention with complete audit trails

4
Total Records
4
Within Retention
1
Expiring (30 days)
0
Eligible for Deletion

Create New Record

MiCA Compliance Note

Implemented

  • Art. 68(9) — 5-year minimum record retention for transactions, communications, compliance actions, and client instructions
  • Art. 68(9) — Records are readily accessible and searchable by client ID, record type, and date range
  • Art. 59 — Scope: demonstrates CASP obligation to maintain order records

Out of Scope

  • Art. 68(9) — NCA extension mechanism (records may be retained up to 7 years if requested by competent authority)
  • Art. 69 — Complaint records (separate POC needed)
  • Art. 74–75 — KYC/CDD documentation and position statements (separate POC needed)

What This POC Does Not Implement

  • Encryption & secure deletion — Data stored in browser memory only; real systems must use FIPS 140-2 compliant encryption and secure erasure (e.g., DOD 5220.22-M)
  • Immutable audit trail — Audit log can be modified in this demo; production requires append-only logs with cryptographic signatures
  • Role-based access control (RBAC) — No authentication; real CASP systems must implement Art. 68 governance with fine-grained RBAC
  • Data integrity verification — No checksums or hashing; production must validate record tampering per Art. 81(3)
  • Regulatory API integration — Deletion requests cannot be submitted to NCA; this would require direct integration with competent authority systems
  • Persistent storage — Records are cleared on page reload; production uses durable databases with disaster recovery and backup retention policies